Author: jmm-guest Date: 2006-03-03 14:39:18 +0000 (Fri, 03 Mar 2006) New Revision: 3553 Modified: data/CVE/list Log: fixed issues in amaya and gallery2 gallery2''s security history is too bad to make it part of Etch, this probably deserves a RC bug IMO Modified: data/CVE/list ==================================================================--- data/CVE/list 2006-03-02 18:54:01 UTC (rev 3552) +++ data/CVE/list 2006-03-03 14:39:18 UTC (rev 3553) @@ -1,3 +1,7 @@ +CVE-2006-XXXX [the usual gallery2 XSS] + - gallery2 2.0.3-1 +CVE-2006-XXXX [Insecure rpath in amaya] + - amaya 9.4-1 (bug #341424) CVE-2006-0937 (U.N.U. Mailgust 1.9 allows remote attackers to obtain sensitive ...) TODO: check CVE-2006-0936 (Free Host Shop Website Generator 3.3 allows remote authenticated users ...) @@ -73,7 +77,7 @@ CVE-2006-0901 (Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and ...) TODO: check CVE-2006-0900 (nfsd in FreeBSD 6.0 kernel allows remote attackers to cause a denial ...) - TODO: check + - kfreebsd-5 5.4-15 CVE-2006-0899 (Directory traversal vulnerability in index.php in 4Images 1.7.1 and ...) TODO: check CVE-2006-0898 (Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV ...)